diff --git a/Cargo.lock b/Cargo.lock index 3fd8461..83604a6 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -126,7 +126,9 @@ dependencies = [ [[package]] name = "desfire" -version = "0.1.0" +version = "0.2.0-alpha1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83dddd3136b4dfc80f46dc6441cd3f16f99317e645bedc61eabc1452d24bfb3f" dependencies = [ "aes", "block-modes", diff --git a/README.md b/README.md index 2875141..ce12034 100644 --- a/README.md +++ b/README.md @@ -3,9 +3,10 @@ FabFire Provisioning Tool # Usage ## Provisioning ```shell -cargo run -- --space "innovisionlab" --instance fabaccess.innovisionlab.de --contact https://innovisionlab.de/lostandfound +cargo run -- --space "innovisionlab" --instance fabaccess.innovisionlab.de --contact https://innovisionlab.de/lostandfound --token "Testuser" ``` -Replace `--space`, `--instance` and `--contact` with your own values. +1. Replace `--space`, `--instance` and `--contact` with your own values. +2. Set `--token` to the users username. You can supply your own keys and Application ID with the appropriate cmdline arguments, view `--help` for more information. ## Formating Card diff --git a/src/card.rs b/src/card.rs index 9dc430f..5ed8ebc 100644 --- a/src/card.rs +++ b/src/card.rs @@ -65,7 +65,6 @@ impl CardTrait for PCSCCard { } fn transmit(&self, apdu_cmd: APDUCommand) -> Result { - println!("{}", apdu_cmd); let apdu = Vec::::try_from(apdu_cmd).unwrap(); let mut rapdu_buf = [0; MAX_BUFFER_SIZE]; let rapdu = match self.card.as_ref().as_ref().unwrap().transmit(apdu.as_slice(), &mut rapdu_buf) { diff --git a/src/main.rs b/src/main.rs index f6c1411..f6023fd 100644 --- a/src/main.rs +++ b/src/main.rs 
@@ -50,7 +50,7 @@ struct Args { #[clap(short, long, required_unless_present = "format")] contact: Option, - /// User token (will be generated for you if not given) + /// User token, currently this should be set to the Username (will be generated for you if not given) #[clap(short, long)] token: Option, @@ -61,7 +61,6 @@ struct Args { fn main() -> Result<(), Box> { let args = Args::parse(); - println!("{:?}", args); // connect to the card let mut card = PCSCCard::new()?; @@ -93,6 +92,9 @@ fn main() -> Result<(), Box> { desfire.select_application(0x000000); desfire.authenticate_iso_des(0x00, master_key.key.as_ref(), None)?; desfire.format_picc()?; + + println!("Card formatted"); + return Ok(()) } else { let space = match args.space { @@ -113,17 +115,14 @@ fn main() -> Result<(), Box> { // encode the space info let space_urn = UrnBuilder::new("fabaccess", &format!("lab:{}", urlencoding::encode(space))) .build()?; - println!("Space URN: {}", space_urn); let instance_uri = URI::builder() .with_scheme(Scheme::Unregistered(UnregisteredScheme::try_from("fabaccess")?)) .with_authority(Some(Authority::try_from(instance.deref())?)) .with_path(Path::try_from("")?) .build()?; - println!("Instance URI: {}", instance_uri); let contact_uri = URI::try_from(contact.deref())?; - println!("Contact URI: {}", contact_uri); let token = match args.token { Some(token) => { @@ -136,7 +135,6 @@ fn main() -> Result<(), Box> { Uuid::new_v4().to_string() } }; - println!("Token: {}", token); // authenticate against picc desfire.authenticate_iso_des(0x00, master_key.key.as_ref(), None)?; 
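Review bot: The new help text on `token` in the `Args` hunk (`@@ -50,7 +50,7 @@`) says the value should be the username and, in the same sentence, that it is generated when omitted, but the fallback visible further down in `main` is `Uuid::new_v4().to_string()`, which is not a username. If cards are matched to accounts by this value (the hunks do not show the lookup), a card provisioned without `--token` would carry an identifier that maps to no user. Consider making the argument mandatory for provisioning the way `contact` already is, `#[clap(short, long, required_unless_present = "format")]`, or reword the comment to say what the generated value is meant for. The `Args` struct starts and ends outside the hunk.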
@@ -153,32 +151,22 @@ fn main() -> Result<(), Box> { // select the application desfire.select_application(args.app_id); - println!("generated application"); // change the application master key desfire.authenticate_iso_aes(0x00, CipherKey::new_empty(CipherType::AES)?.key.as_ref(), None)?; desfire.change_key_aes(0x00, app_key.key.as_ref(), app_key.key_version)?; - - println!("changed application master key"); - // authenticate with new application master key desfire.authenticate_iso_aes(0x00, app_key.key.as_ref(), None)?; - println!("authenticated with new application master key"); // set the user authentication key desfire.change_other_key_aes(0x01, user_key.key.as_ref(), CipherKey::new_empty(CipherType::AES)?.key.as_ref(), user_key.key_version)?; - println!("changed user authentication key"); - - println!("creating magic file with size {}", args.magic.len()); // create file with magic let magic_accessrights = generate_file_access_rights(FileAccessRights::FREE as u8, 0x00, 0x00, 0x00)?; desfire.create_file_standard(0x01, FileCommunication::PLAIN, magic_accessrights, args.magic.as_bytes().len() as u32)?; - println!("created magic file"); desfire.write_data(0x01, 0x00, args.magic.as_bytes())?; - println!("wrote magic"); // create file with space info let space_accessrights = generate_file_access_rights(FileAccessRights::FREE as u8, 0x00, 0x00, 0x00)?; 
@@ -186,13 +174,13 @@ fn main() -> Result<(), Box> { desfire.write_data(0x02, 0x00, space_urn.as_bytes())?; desfire.write_data(0x02, MAX_BYTES_PER_TRANSACTION as u32, instance_uri.to_string().as_bytes())?; desfire.write_data(0x02, (MAX_BYTES_PER_TRANSACTION * 2) as u32, contact_uri.to_string().as_bytes())?; - println!("created space info file"); // create file with token let token_accessrights = generate_file_access_rights(FileAccessRights::FREE as u8, 0x00, 0x00, 0x00)?; desfire.create_file_standard(0x03, FileCommunication::PLAIN, token_accessrights, MAX_BYTES_PER_TRANSACTION as u32)?; // Max desfire.write_data(0x03, 0x00, token.as_bytes())?; - println!("created token file"); + + println!("Card provisioned! Add the following to the users entry in 'users.toml': cardkey = \"{}\"", hex::encode(user_key.key)); Ok(()) }
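Review bot: The added `println!` at the end of the provisioning branch writes the card's user authentication key in clear (`hex::encode(user_key.key)`) to stdout, so it ends up in terminal scrollback and in anything that captures the tool's output (CI logs, `tee`, shell session recordings). Since the operator does need the value for `users.toml`, I would write it to a file created with owner-only permissions, or print it only behind an explicit flag, and in either case put a comment above the line such as `// SECURITY: prints the per-card AES key; output must be treated as a secret`. Separately, file `0x03` is created with `FileAccessRights::FREE` and `FileCommunication::PLAIN`, and with this commit the token stored there is the username, so the username appears to be readable from the card without authentication; please confirm that is intended and say so in a comment. `main` starts outside the hunk.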